<?php
/* 
 * 后台管理员用户操作类
 * 程序编写：pennyowen/pepsi.zh
 * 联系邮箱：penyowen#gmail.com/pepsi.zh#gmail.com
 * 修改时间：2008-9-30
 */
// Include guard: stop immediately unless the including script has defined
// IN_SITE. This only blocks loading the file on its own (presumably a direct
// request to its URL); it is not an authentication or authorisation check.
if (defined('IN_SITE') === false) {
	exit('Hacking attempt!');
}
/**
 * Contract for the back-office administrator account store.
 */
interface AdminDbInter
{
	/**
	 * Check an administrator's login.
	 *
	 * @param mixed $username user name
	 * @param mixed $password user password
	 */
	public function userLogin($username, $password);

	/**
	 * Add an administrator record.
	 *
	 * @param mixed $post record content
	 */
	public function addRecord($post);

	/**
	 * Delete one record.
	 *
	 * @param mixed $Madminid record id
	 */
	public function deleteRecord($Madminid = 0);

	/**
	 * Fetch the back-office management menu of one user.
	 *
	 * @param mixed $Madminid record id
	 */
	public function getAdminMenuItem($Madminid = 0);

	/**
	 * Fetch the details of one back-office administrator.
	 *
	 * @param mixed $Madminid record id
	 */
	public function getOneAdminInfo($Madminid = 0);
}
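/**
 * Back-office administrator accounts: login, create/update, delete and lookup.
 *
 * All SQL here is assembled as strings and executed through the global
 * $dbconn wrapper; no bind-parameter API of that wrapper is visible in this
 * file. Every request-derived value is therefore validated or normalised
 * before it reaches a statement. Moving these queries to prepared statements
 * in the wrapper is the durable fix.
 */
class admin implements AdminDbInter
{
	/**
	 * Authenticate an administrator and store the identity in $_SESSION.
	 *
	 * On success the keys Madmin, Madminid, Mflevel and Mcompetence (an array
	 * split on commas) are set. An empty user name returns false without
	 * touching the session; every other failure leaves those four keys null.
	 * No throttling or logging of failed attempts is done here.
	 *
	 * @param mixed $username login name as submitted
	 * @param mixed $password clear-text password as submitted
	 * @return bool true when the credentials match an unexpired account
	 */
	public function userLogin($username, $password)
	{
		global $dbtable, $dbconn;
		if (empty($username)) {
			return false;
		}
		// Drop any previous identity first so a failed attempt cannot keep old privileges.
		$_SESSION["Madmin"] = null;
		$_SESSION["Madminid"] = null;
		$_SESSION["Mflevel"] = null;
		$_SESSION["Mcompetence"] = null;
		// Request parameters can arrive as arrays; trim()/md5() only make sense on scalars.
		if (!is_scalar($username) || !is_scalar($password)) {
			return false;
		}
		$loginName = trim((string) $username);
		// The name is placed inside a single-quoted SQL literal below. A name holding a
		// quote, backslash or control byte is refused outright (byte-wise test, so it
		// does not depend on the connection character set). Stopgap until the lookup
		// uses a bound parameter.
		if ($loginName === '' || preg_match('/[\x00-\x1F\x7F\'\\\\]/', $loginName)) {
			return false;
		}
		// NOTE(security): unsalted MD5 is not a password hash. Switching to
		// password_hash()/password_verify() needs a migration of the stored values,
		// so the comparison is left as the schema expects it. md5() yields hex only.
		$sql = "SELECT `Madminid`, `Mflevel`, `Mcompetence`,`Mexpdate` FROM " . $dbtable->admin
			. " WHERE `Madmin` = '" . $loginName . "' AND `Mpassword` = '" . md5((string) $password) . "' "
			. " ORDER BY `Madminid` LIMIT 1";
		$getUserInfo = $dbconn->Getonerecord($sql);
		// No matching row: stop before reading fields from a non-array result.
		if (!is_array($getUserInfo) || !isset($getUserInfo['Madminid'])) {
			return false;
		}
		// Reject accounts whose expiry date has passed (string comparison on Y-m-d;
		// presumably Mexpdate is stored in that format - confirm against the schema).
		if ($getUserInfo['Mexpdate'] < date("Y-m-d")) {
			return false;
		}
		if ($getUserInfo['Madminid'] < 1) {
			return false;
		}
		// Issue a fresh session id at the privilege change so an id that was known
		// before authentication is not carried into the logged-in session.
		if (session_id() !== '' && !headers_sent()) {
			session_regenerate_id(true);
		}
		// Store the name that was actually matched, i.e. the trimmed one.
		$_SESSION["Madmin"] = $loginName;
		$_SESSION["Madminid"] = $getUserInfo['Madminid'];
		$_SESSION["Mflevel"] = $getUserInfo['Mflevel'];
		$_SESSION["Mcompetence"] = explode(",", $getUserInfo['Mcompetence']);
		return true;
	}

	/**
	 * Insert an administrator record, or update it when $post['Madminid'] is set.
	 *
	 * For ordinary administrators (Mflevel > 1) an array of permissions is stored
	 * as a comma-separated string; for super administrators the permission field
	 * is emptied because they do not need one.
	 *
	 * NOTE(review): every key of $post is handed to the query helper as a column.
	 * How Query_update()/Query_adate() quote names and values is not visible here,
	 * so callers should pass an explicit list of allowed fields and must authorise
	 * changes to Mflevel and Mcompetence. Mpassword is stored exactly as supplied;
	 * presumably the caller hashes it - confirm.
	 *
	 * @param array $post record content keyed by column name
	 * @return mixed result of the query helper, or false for an unusable Madminid
	 */
	public function addRecord($post)
	{
		global $dbconn, $dbtable;
		// Keys are quoted: the bare-word form is an undefined-constant error on PHP 8.
		$level = isset($post['Mflevel']) ? $post['Mflevel'] : 0;
		if ($level > 1) {
			// Ordinary administrator: flatten the permission list (an empty list becomes '').
			if (isset($post['Mcompetence']) && is_array($post['Mcompetence'])) {
				$post['Mcompetence'] = implode(",", $post['Mcompetence']);
			}
		} else {
			// Super administrator: no permission list is needed.
			$post['Mcompetence'] = '';
		}
		if (empty($post['Madminid'])) {
			return $dbconn->Query_adate($post, $dbtable->admin);
		}
		// Only a plain positive integer may select the row to update.
		$recordId = self::toRecordId($post['Madminid']);
		if ($recordId < 1) {
			return false;
		}
		$post['Madminid'] = $recordId;
		return $dbconn->Query_update($post, $dbtable->admin, array('Madminid' => $recordId));
	}

	/**
	 * Delete one administrator record.
	 *
	 * @param mixed $Madminid record id
	 * @return mixed false for an invalid id, otherwise the wrapper's affected-row result
	 */
	public function deleteRecord($Madminid = 0)
	{
		global $dbconn, $dbtable;
		$recordId = self::toRecordId($Madminid);
		if ($recordId < 1) {
			return false;
		}
		$query = "DELETE FROM " . $dbtable->admin . " WHERE `Madminid` = " . $recordId;
		$dbconn->Query($query);
		return $dbconn->returnAffected();
	}

	/**
	 * Fetch the level and permission list that drive one user's back-office menu.
	 *
	 * TODO (from the original author): also filter on the Mexpdate expiry column
	 * in this query; as written, expired accounts are still returned.
	 *
	 * @param mixed $Madminid record id
	 * @return mixed false for an invalid id, otherwise the row from the wrapper,
	 *               with Mcompetence split into an array for ordinary administrators
	 */
	public function getAdminMenuItem($Madminid = 0)
	{
		global $dbconn, $dbtable;
		$recordId = self::toRecordId($Madminid);
		if ($recordId < 1) {
			return false;
		}
		$query = "SELECT `Mflevel`,`Mcompetence`  FROM " . $dbtable->admin . " WHERE `Madminid` = " . $recordId;
		return self::splitCompetence($dbconn->GetOneLineField($query));
	}

	/**
	 * Fetch the full record of one administrator.
	 *
	 * NOTE(review): SELECT * hands every column to the caller, including the
	 * Mpassword value used by userLogin(); an explicit column list would keep
	 * the stored hash out of view code.
	 *
	 * @param mixed $Madminid record id
	 * @return mixed false for an invalid id, otherwise the row from the wrapper,
	 *               with Mcompetence split into an array for ordinary administrators
	 */
	public function getOneAdminInfo($Madminid = 0)
	{
		global $dbconn, $dbtable;
		$recordId = self::toRecordId($Madminid);
		if ($recordId < 1) {
			return false;
		}
		$query = "SELECT * FROM " . $dbtable->admin . " WHERE `Madminid` = " . $recordId;
		return self::splitCompetence($dbconn->Getonerecord($query));
	}

	/**
	 * Turn a caller-supplied id into a positive integer, or 0 when it is not a
	 * plain run of decimal digits. A loose "< 1" comparison lets strings with
	 * trailing text through, which then ended up inside the SQL statement.
	 */
	private static function toRecordId($value)
	{
		if (!is_scalar($value) || !preg_match('/\A[0-9]+\z/', (string) $value)) {
			return 0;
		}
		return (int) $value;
	}

	/**
	 * Split the comma-separated permission string of an ordinary administrator
	 * (Mflevel > 1) into an array; any other result is returned unchanged.
	 */
	private static function splitCompetence($row)
	{
		if (is_array($row) && isset($row['Mflevel']) && $row['Mflevel'] > 1) {
			$row['Mcompetence'] = explode(",", $row['Mcompetence']);
		}
		return $row;
	}
}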
?>